Presented at
DEF CON 20 (2012),
July 27, 2012, 4 p.m.
(50 minutes)
OpenDLP is a free and open source agent-based data discovery tool that works against Microsoft Windows systems using appropriate authentication credentials. However, one drawback to OpenDLP is that its policy-driven approach makes it arduous to scan disjointed systems that are not part of a Windows domain or do not share the same authentication credentials. To fix this, OpenDLP can now launch its agents over Meterpreter sessions using Metasploit RPC without requiring domain credentials.
Presenters:
-
Charles Smith
- Software Developer, N2 Net Security Inc.
Charles Smith is a graduate of North Carolina State University, and has been building credit card software and developer tools and modules for the last ten years. Recently he has joined N2 Net Security, and has put his skills to ferreting out security vulnerabilities and building new tools to help penetration testers do their jobs more efficiently. He specializes in C++, but is also well-versed in Java, .NET, VB, and Perl.
-
Michael Baucom
- Vice President of R&D, N2 Net Security Inc.
Michael Baucom is the VP of Engineering at N2 Net Security. Michael has taught classes on exploit development and was the technical editor for Gray Hat Hacking: the Ethical Hacker's Handbook. He has worked in development for over 15 years in various industries. While at N2 Net Security he has worked on a wide variety of projects including software security assessments, tool development, and penetration tests.
-
Andrew Gavin
- Security Consultant, Verizon Business
Andrew Gavin, creator of OpenDLP, is an information security consultant at Verizon Business. He has more than 12 years of experience in security assessments of networks and applications. He has consulted for numerous customers in various industries around the world.
Twitter: @OpenDLP (project), @andrewgavin (personal)
Links:
Similar Presentations: